Microsoft Previews Web Server Security Baseline Tool
Microsoft this week offered yet another preview of a new Operations Management Suite (OMS) feature, this time focused on checking the security compliance of Windows Web servers.
The new Web Security Baseline Assessment preview is part of the OMS Security and Audit Solution. It compares Microsoft's recommendations for Web server configurations with the configurations detected on the customer's premises. It also can be used to scan the Web server security baselines used on Microsoft Azure or "other cloud platforms" that OMS can monitor. OMS is Microsoft's solution for managing public cloud workloads.
The Web Security Baseline Assessment preview will check registry rules, audit policies and security policies for Windows Web servers, including .NET, ASP.NET and Internet Information Services configurations, according to Microsoft's documentation. It scans Web servers every 24 hours as part of this process. Users see results in the OMS Security and Audit dashboard.
The dashboard shows the machines that passed. based on Microsoft's baseline security settings recommendations, along with the compliance percentage numbers. There's also a list of failures, along with severity rankings. Machines that weren't assessed get listed, too. Users can create their own custom dashboards from the queries used by the tool via the OMS View Designer.
OMS supports running these baseline profiles on Web Servers using Windows Server 2008 R2 through Windows Server 2012 R2. Microsoft is still working on adding support for Windows Server 2016, according to this Microsoft document.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.